Dell Wake On LAN (WOL)Windows Service Update Server (WSUS) will patch the Windows OS (Windows 10, Windows 11, etc).
PDQ will deploy/patch 3rd party software (Chrome, Firefox, SAP, Acrobat Reader, etc). And I'm all for agent controlled systems like Ivanti/LANDesk/MobileIron.
AlienVault SEIM/USMA will track changes in the network.
Rapid7 will test for vulnerabilities and adhere to a standard.
But all the scheduling for after-hours scanning/patching/updating/deploying doesn't mean anything if the system isn't turned on.
As a Dell "shop", we are familiar with some of the abilities that are available, such as Dell Command Update:
dcu /scan
But Dell also has Dell Command PowerShell. This is a PowerShell module to control BIOS settings. Wait... what? Yup... awesome!
First, let's get the module which is convently stored in the PowerShell Gallery:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Install-Module -Name DellBIOSProvider
Note that PDQ recently put out a HowTo install PowerShell Modules through PDQ:
https://help.pdq.com/hc/en-us/articles/4404308051483-Installing-PowerShell-Modules-With-PDQ-Deploy
After the PowerShell module is deployed, there are get/set commands to do the following:
- set the WOL to enabled.
gi .\WakeOnLan
si .\WakeOnLan LanOnly -verbose
(Disabled | LanOnly | WlanOnly | LanWlan | LanWithPXEoot) - set the DEEPSLEEP to disabled.
gi .\DeepSleepCtrl
si .\DeepSleepCtrl Disabled -verbose
(Disabled | S5Only | S4AndS5) - set the BLOCKSLEEP to enabled.
gi .\BlockSleep
si .\BlockSleep Enabled -verbose
(Disabled | Enabled)
There are other settings as well such as get/set the wifi feature.
Note: here is the KB that has the matrix of when WOL will/won't work:
https://downloads.dell.com/manuals/common/dell-emc-remote-wake-up-config-dell-client-cmd-suite.pdf